https://fedoraproject.org/wiki/Changes/RPM-4.18
== Summary ==
Update RPM to the [
https://rpm.org/wiki/Releases/4.18.0 4.18] release.
== Owner ==
* Name: [[User:pmatilai|Panu Matilainen]]
* Email: pmatilai(a)redhat.com
== Detailed Description ==
RPM 4.18 contains various improvements over previous versions, but in
particular this release addresses a whole class of symlink handling
related security issues, some with CVE's, from 2021. Other notable
improvements include
* A more intuitive conditional builds macro `%bcond`
* A more robust and secure `--restore` functionality
* Long-standing `%patch` quirks fixed
* Weak dependencies accept qualifiers like `meta` and `pre` now
* New interactive shell for working with macros (`rpmspec --shell`)
and embedded Lua (`rpmlua`)
* New `%conf` spec section for build configuration
* New `rpmuncompress` cli tool simplifies unpacking multiple sources
* Numerous macro improvements and fixes
* Numerous OpenPGP parser correctness and security fixes
== Benefit to Fedora ==
The main benefits of this release are increased security and packaging
experience improvements, see above for details.
== Scope ==
* Proposal owners:
** Rebase RPM
** Assist with dealing with incompatibilities
* Other developers:
** Test new release, report issues and bugs
* Release engineering: [
https://pagure.io/releng/issue/10742 #10742]
* Policies and guidelines: N/A (not needed for this Change). Utilizing
new rpm features is subject to packaging guidelines but othe
* Trademark approval: N/A (not needed for this Change)
* Alignment with Objectives: N/A (no relation to current objectives)
== Upgrade/compatibility impact ==
There are no noteworthy compatibility issues with this release.
== How To Test ==
Rpm receives a thorough and constant testing via every single package
build, system installs and updates. New features can be tested
specifically as per their documentation.
== User Experience ==
There are no major differences in the normal user experience.
== Dependencies ==
* No new dependencies are introduced in this release
* Other changes are known to be affected
* Library soname will not change so no rebuilds are required
== Contingency Plan ==
* Contingency mechanism: Revert back to RPM 4.17
* Contingency deadline: Beta freeze
* Blocks release? No
== Documentation ==
Work-in-progress release notes at
https://rpm.org/wiki/Releases/4.18.0
and reference manual at
https://github.com/rpm-software-management/rpm/blob/master/doc/manual/ind...
== Release Notes ==
https://rpm.org/wiki/Releases/4.18.0
--
Ben Cotton
He / Him / His
Fedora Program Manager
Red Hat
TZ=America/Indiana/Indianapolis